Lucene search
K

135 matches found

CVE
CVE
added yesterday8 views

CVE-2026-58489

HedgeDoc is an open source, real-time collaborative markdown notes application. Prior to 1.11.0, the GitHub Gist export flow created an OAuth2 state value but only checked that it was present rather than validating it against the value expected for the user's session. Because the state was not...

6.8CVSS6.1AI score
Exploits0References2
Circl
Circl
added 4 days ago5 views

GHSA-Q7JX-V53G-848W

creationtimestamp| type| source ---|---|--- 2026-07-10 02:42:38+00:00| seen| https://gist.github.com/alon710/c858490dcced6d8c05b3d0f0cec528f1...

5.9AI score
Exploits0References1
Circl
Circl
added 4 days ago5 views

GHSA-9M9W-GXF7-RH8M

creationtimestamp| type| source ---|---|--- 2026-07-10 01:41:47+00:00| seen| https://gist.github.com/alon710/34fe998f34bdbbf866bd428a21589671...

5.9AI score
Exploits0References1
Circl
Circl
added 2026/07/06 5:41 p.m.6 views

GHSA-7JVP-HJ45-2F2M

creationtimestamp| type| source ---|---|--- 2026-07-06 17:41:59+00:00| seen| https://gist.github.com/alon710/3392c028816ef9767631ce548afd9d91...

5.9AI score
Exploits0References1
Circl
Circl
added 2026/07/01 8:42 a.m.9 views

CVE-2026-51924

creationtimestamp| type| source ---|---|--- 2026-07-01 08:42:09+00:00| seen| https://gist.github.com/ZeroBreach-GmbH/530286989ec11137978035020d84bdc4 2026-07-11 00:30:03+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqdfunrwsr2i...

8.1CVSS6.1AI score0.0033EPSS
Exploits0References2
Circl
Circl
added 2026/06/26 4:42 p.m.14 views

GHSA-PX7Q-GGQJ-HCF2

creationtimestamp| type| source ---|---|--- 2026-06-26 16:42:20+00:00| seen| https://gist.github.com/alon710/8649cee74b41dfbab6352036ad771ea3 2026-06-26 16:52:45+00:00| seen| https://gist.github.com/alon710/ab6fb045bc60bbc32d947423444fcf91...

5.8AI score
Exploits0References2
Circl
Circl
added 2026/06/18 1:41 p.m.9 views

GHSA-47QP-HQVX-6R3F

creationtimestamp| type| source ---|---|--- 2026-06-18 13:41:25+00:00| seen| https://gist.github.com/alon710/adfa7aacc3b80320d7d38d47591141d2 2026-06-18 14:01:20+00:00| seen| https://gist.github.com/alon710/1009ff77420ca2d3dfc49ca0eb601808...

5AI score
Exploits0References2
Circl
Circl
added 2026/06/16 10:41 p.m.7 views

GHSA-69QJ-PVH9-C5WG

creationtimestamp| type| source ---|---|--- 2026-06-16 22:41:17+00:00| seen| https://gist.github.com/alon710/2d3358848147c1728694a3629d631316 2026-06-16 23:01:53+00:00| seen| https://gist.github.com/alon710/67012fd2d01a0b46570236682933fc3c...

5AI score
Exploits0References2
Circl
Circl
added 2026/06/09 2:27 a.m.57 views

GHSA-22M2-HVR2-XQC8

creationtimestamp| type| source ---|---|--- 2026-06-09 02:27:39+00:00| seen| https://gist.github.com/lyuyun/60b1d6a8ad599cf3430761a4b380b17e 2026-07-06 14:20:05+00:00| seen| https://bsky.app/profile/malwareobserver.bsky.social/post/3mpybw7ndmy2r...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/14 7:25 p.m.13 views

Malicious code in ethers-abstract-signer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e17d355d974f842bc8db3219ce3f1dc6e643f2a5e1ba8dd0b38a404a8f96e9a8 On npm install, the package's postinstall hook spawns a Node one-liner that uses childprocess.exec to curl/wget...

6.2AI score
Exploits0References2
OSV
OSV
added 2026/05/14 7:25 p.m.9 views

MAL-2026-3760 Malicious code in ethers-abstract-signer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e17d355d974f842bc8db3219ce3f1dc6e643f2a5e1ba8dd0b38a404a8f96e9a8 On npm install, the package's postinstall hook spawns a Node one-liner that uses childprocess.exec to curl/wget...

6.2AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/05/14 7:24 p.m.12 views

Malicious code in npmjs_web3-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 263a0126b20b1d58bc0528a4b7bea19027b94383e00b5b9f03b712d96be89ca7 The package's postinstall lifecycle hook downloads a script from a personal GitHub Gist...

5.5AI score
Exploits0References2
OSV
OSV
added 2026/05/14 7:24 p.m.8 views

MAL-2026-3768 Malicious code in npmjs_web3-util (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 263a0126b20b1d58bc0528a4b7bea19027b94383e00b5b9f03b712d96be89ca7 The package's postinstall lifecycle hook downloads a script from a personal GitHub Gist...

5.5AI score
Exploits0References2
Circl
Circl
added 2026/05/14 6:40 p.m.9 views

GHSA-7RX4-C5VX-G8W3

creationtimestamp| type| source ---|---|--- 2026-05-14 18:40:28+00:00| seen| https://gist.github.com/alon710/260608e1e5e80ae5e3b0acd83fc48ee1...

5.8AI score
Exploits0References1
Circl
Circl
added 2026/05/10 2:48 a.m.11 views

CVE-2024-25624

creationtimestamp| type| source ---|---|--- 2026-05-10 02:48:32+00:00| seen| https://gist.github.com/khoindq/bded28fd1242788522ce29d279b9d883 2026-05-10 03:58:34+00:00| seen| https://gist.github.com/khoindq/f145db4952e1aa3644b83c964afbf97a...

6.8CVSS5.8AI score0.00852EPSS
Exploits0References2
Circl
Circl
added 2026/05/06 7:40 a.m.11 views

GHSA-FG3J-5W9G-HMG7

creationtimestamp| type| source ---|---|--- 2026-05-06 07:40:29+00:00| seen| https://gist.github.com/alon710/cdeb633d740e110eed8363124062a03a...

5.8AI score
Exploits0References1
Circl
Circl
added 2026/05/04 5:10 p.m.19 views

CVE-2026-41358

creationtimestamp| type| source ---|---|--- 2026-05-04 17:10:29+00:00| seen| https://gist.github.com/alon710/d4f3d9fbcfea6645ceefb383fa46637f...

5.4CVSS5.7AI score0.0014EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/04/03 11:3 a.m.8 views

Malicious code in mgc (npm)

Package fetches platform-specific stage-2 payloads from a GitHub Gist. The stage-2 payloads are full Remote Access Trojans RATs for Linux Python and Windows PowerShell that beacon to a C2 server, exfiltrate system information, enumerate directories, execute arbitrary commands, and support binary...

6.1AI score
Exploits0References2
OSV
OSV
added 2026/04/03 11:3 a.m.9 views

MAL-2026-2449 Malicious code in mgc (npm)

Package fetches platform-specific stage-2 payloads from a GitHub Gist. The stage-2 payloads are full Remote Access Trojans RATs for Linux Python and Windows PowerShell that beacon to a C2 server, exfiltrate system information, enumerate directories, execute arbitrary commands, and support binary...

6.1AI score
Exploits0References2
Circl
Circl
added 2026/03/14 2:40 a.m.1 views

GHSA-44VG-5WV2-H2HG

creationtimestamp| type| source ---|---|--- 2026-03-14 02:40:05+00:00| seen| https://gist.github.com/alon710/1291af57a3f24c084d79b6036abb3239...

5.7AI score
Exploits0References1
Rows per page
Query Builder